Since I use Linux exclusively, and have to interface with clients using various Windows technologies, open standards are an important aspect of our tech-life. For example, we use OpenOffice to read Word/Excel/Powerpoint files, and so on.
One thing that comes infrequently is the need to login to a corporate virtual private network (VPN) that uses Cisco's Easy VPN.
The client would send me a .pcf, and since I use Linux and prefer the command line, I have to convert it into vpnc's format.
We found that the easiest way is programmatic, but involves a few steps of preparation.
The steps below assume that you are running Ubuntu 8.04 LTS, but should work pretty much the same for any Debian derived distro. Other distros differ only in the the vpnc configuration path, and the way you install the dependencies needed.
First, we get the pcf2vpnc converter program. This is a perl script.
# Get the pcf to vpnc configuration file converter wget http://svn.unix-ag.uni-kl.de/vpnc/trunk/pcf2vpnc # Make it executable chmod +x pcf2vpnc # Move it to a place in our path mv pcf2vpnc /usr/local/bin/
The above script calls a decrypt program for the group password in the .pcf file. Therefore we need to get the program and compile it. This also involves installing some dependencies for it as well.
# Get the cisco decrypt program wget http://www.unix-ag.uni-kl.de/~massar/soft/cisco-decrypt.c # Get the dependencies needed for it sudo aptitude install libgcrypt-dev libgpg-error-dev # Compile it into a binary gcc -Wall -o cisco-decrypt cisco-decrypt.c $(libgcrypt-config --libs --cflags) # Move it to a place in our path sudo mv cisco-decrypt /usr/local/bin
We are now ready to run the script against the .pcf file, and save it to a .conf file
# Run the converter, which will call the decrypt program pcf2vpnc Client.pcf > client.conf
We then copy the converted configuration file to vpnc's configuration directory:
sudo cp client.conf /etc/vpnc
And finally, we test the configuration file by logging to the VPN:
sudo vpnc client
Comments
Pablo Estigarribia (not verified)
Thanks a lot
Wed, 2010/09/08 - 13:14Many thanks to you, it worked on the rocks in Ubuntu 10.04 !
Just note:
sudo aptitude install libgcrypt-dev libgpg-error-dev
(sudo missing before)
Gil (not verified)
I am linux newbie, but I
Tue, 2010/09/21 - 11:29I am linux newbie, but I managed to get the VPN connection working by following your excellent intructions. How do I disconnect from the VPN once I am finished using it?
Khalid
Disconnecting
Tue, 2010/09/21 - 11:32To disconnect, use:
Gil (not verified)
Thanks for you quick answer
Tue, 2010/09/21 - 12:55Thanks for you quick answer
Ronald Portier (not verified)
Error while decoding
Mon, 2010/10/04 - 04:40Hello,
Not working fully for me on Debian Squeeze.
When I run the command I get a partial .conf file. However the encrypted secret has correctly been decrypted and has been placed in the IPSec secret line. Then I get an errormessage, and the conversion is incomplete.
This is a dump of what I did:
# pcf2vpnc client.pcf > client.conf
decoding input: No such file or directory
Any ideas??
A solution would me much appreciated. Would like just to use the opensource solution.
Kind regards,
Ronald
Anonymous (not verified)
solution for Debian Squeeze
Sun, 2011/01/09 - 20:16I had the same issue on squeeze... but the solution is simple.
"#pcf2vpnc client.pcf"
The script will produce a file of the same name but as client.conf.
This solution worked great on Debian Squeeze for me.
Anonymous (not verified)
great
Mon, 2011/02/28 - 15:42working for me too! many thanks
it gave me error: decoding input: No such file or directory
but job was done on debian squeeze
great!
vijay dafal (not verified)
All instructions worked even provided by other suggestions!
Sun, 2011/03/20 - 11:16it worked for me on Ubuntu 10.10!
wjmmx (not verified)
Great job!
Fri, 2011/05/13 - 01:14Works for me on Ubuntu 10.10!
Anonymous (not verified)
Thanks a lot ! Really!
Wed, 2011/10/19 - 13:11Thanks a lot ! Really!
Pages